Repo for generating a core dump debugging murder mystery game site.

THIS REPO HAS SPOILERS FOR THE GAME!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

You can play it here: https://www.robopenguins.com/fatal_core_dump/

For a blog post on the design process see: https://www.robopenguins.com/core-dump-game/

The repo that hosts a VM for debugging the core dump in the browser is: https://github.com/axlan/webvm/tree/fatal_core_dump

• bin - Output directory for generated files
• lib - Directory for internal libraries. These are not given as part of the mystery and are mostly stubs to set up the conditions for the core dump
• minimal_example - A directory with experiments used to design the hack used in the murder
• rpg_maker_project - RPG Maker project source and assets
• scripts - Scripts to automate generating core dump and other evidence
• site - The murder mystery game is presented as this static HTML site. Some files are links to rpg_maker_project assets, binary output, or are generated by scripts
• src - The airlock controller source that the player sees while solving the mystery

Generate evidence:

./scripts/docker_generate_site.sh

Upload site:

./scripts/upload_site.sh

Run airlock_ctrl in debugger:

./scripts/generate_hack.sh
# Can also use pwndbg command
gdb -x scripts/analysis.gdbinit bin/airlock_ctrl

Run proof of concept:

make clean && make
env -i setarch $(uname -m) -R $PWD/bin/min_poc
# Check that the addresses printed match the values in vuln_test5.py
python minimal_example/vuln_test5.py
cp bin/input5_good bin/input5
env -i setarch $(uname -m) -R $PWD/bin/min_poc